PT-2017-18519 · Quick Heal · Quick Heal Antivirus Pro+2
Published
2017-05-04
·
Updated
2021-09-13
·
CVE-2017-8776
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Quick Heal Internet Security version 10.1.0.316
Quick Heal Total Security version 10.1.0.316
Quick Heal AntiVirus Pro version 10.1.0.316
Description
The issue concerns the lack of Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) protection mechanisms in approximately 165 Portable Executable (PE) files that are part of the default installation. This absence of protection mechanisms provides insufficient defense against directed attacks against the product.
Recommendations
For Quick Heal Internet Security version 10.1.0.316, consider applying configuration changes to enable ASLR and DEP protection mechanisms.
For Quick Heal Total Security version 10.1.0.316, consider applying configuration changes to enable ASLR and DEP protection mechanisms.
For Quick Heal AntiVirus Pro version 10.1.0.316, consider applying configuration changes to enable ASLR and DEP protection mechanisms.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Quick Heal Antivirus Pro
Quick Heal Internet Security
Quick Heal Total Security